In a captivating episode of the Redefining Society Podcast, Marco Ciappelli engages with Lennart Maschmeyer to explore the complexities of subversion in the digital era.
Guest: ✨ Lennart Maschmeyer, Senior Researcher at Center for Security Studies (CSS) at ETH Zurich [@CSS_ETHZurich]
On LinkedIn | https://www.linkedin.com/in/lennartmaschmeyer/
____________________________
Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
_____________________________
This Episode’s Sponsors
BlackCloak 👉 https://itspm.ag/itspbcweb
Bugcrowd 👉 https://itspm.ag/itspbgcweb
Episode Introduction
Welcome to another thought-provoking episode of the Redefining Society Podcast! I'm Marco Ciappelli, and today, we're diving deep into the intricacies of subversion, cyber warfare, and manipulation techniques with our special guest, Lennart Maschmeyer. As a Senior Researcher at the Center for Security Studies at ETH Zurich, Lennart brings a nuanced perspective on how technology intersects with international politics and conflict.
Setting the Scene
This episode begins with an introduction highlighting the excitement of being in the same time zone as Lennart Maschmeyer, an expert in subversion and cyber conflicts, joining us from Zurich. The picturesque setting of ETH Zurich serves as a backdrop for our exploration of complex topics such as cyber warfare and manipulation techniques.
The Path to Cybersecurity
Lennart shares his unconventional journey into cybersecurity and international relations. Originally a photographer with aspirations of becoming a surgeon, Lennart eventually found his passion in political science and cybersecurity. He holds a PhD in Political Science from the University of Toronto and an MPhil in International Relations from the University of Oxford. His research focuses on the subversive nature of cyber power, particularly its operational challenges and strategic limitations.
Subversion and Cyber Warfare: Historical and Modern Perspectives
A key discussion in this episode revolves around the concept of subversion. Lennart emphasizes that while the mechanisms of subversion aren't entirely new, the technology involved has evolved. Subversion involves finding and exploiting vulnerabilities within systems to manipulate them. Lennart argues that this method, though theoretically powerful, faces practical challenges.
Drawing comparisons between historical subversion techniques during the Cold War and modern-day cyber operations, Lennart notes that both forms of subversion rely on similar mechanisms, despite differences in technology. Whether it was Cold War-era spies infiltrating societies or modern-day hackers manipulating computer systems, the essence of subversion remains the same: exploiting vulnerabilities to achieve political goals without overt violence.
Notable Cyber Operations and Their Impact
Throughout the discussion, Lennart references several notable cyber operations, such as attempts to disable power grids in Ukraine and large-scale disinformation campaigns. Despite the initial hype surrounding these operations, their practical impact often fell short of strategic goals. Operations like NotPetya spread uncontrollably, sometimes causing collateral damage, highlighting the inherent unpredictability and limitations of such cyber initiatives.
The Future of Cyber Warfare and Traditional Subversion
As Lennart delves deeper into his research findings, he underscores that while cyber operations can have significant local and temporary effects, they often lack the capacity to decisively change political outcomes on a larger scale. Traditional subversion techniques, though less flashy, often prove more effective.
Moving forward, Lennart suggests that we must remain vigilant against both traditional and modern subversive threats. The focus should not just be on sophisticated cyber attacks but also on more traditional forms of espionage and subversion. The orchestration of various tactics, including cyber operations, disinformation, and direct sabotage, represents the real threat—a nuanced blend of old and new.
Conclusion
In closing, Lennart and I reflect on the importance of understanding the broader context in which these technologies operate. We emphasize that technology alone doesn't change the world; it's how people use it that matters. Recognizing the potential and limitations of both cyber and traditional subversion is crucial for navigating the evolving landscape of international conflict and security.
This episode of the Redefining Society Podcast sheds light on the complexities of subversion in the digital age. For a detailed exploration of these themes and more, be sure to tune into the full conversation.
Stay connected for more insightful discussions on how technology is shaping—and being shaped by—our society.
_____________________________
Resources
____________________________
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast
Watch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9
Are you interested in sponsoring an ITSPmagazine Channel?
👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast
Subversion in the Digital Age | A Conversation with Lennart Maschmeyer | Redefining Society with Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Marco Ciappelli: Hello, everybody. This is Marco Ciappelli. Welcome to another episode of Redefining Society. I am here. All the way in the old continent in Europe as, uh, you've probably seen from the past couple of episodes. And uh, that's great because I'm actually on the same time zone than, than my guest, which usually when it's from Europe and I'm in LA it's usually a little complicated for one of us.
But today it's uh, it's a good time. It's working time for the both of us. And uh, I'm looking forward to this conversation is with the. A researcher, um, at the University of Zurich, which the, I have connected with many people in the past. I even got to visit that beautiful place, uh, on the hill with a beautiful view of Zurich.
I wish I was there right now. And uh, you know, one, one person knows another and, uh, Miriam, which is a professor there suggested me to have a chat with, uh, Lennart Maschmeyer. And, uh, it's about subversion and it's about, you know, Uh, cyber war and, uh, manipulation techniques. And, uh, we'll, we'll, we'll dive in with, uh, somebody that knows a little bit more than me about the subject.
So here we go. Leonard, welcome to the show.
[00:01:22] Lennart Maschmeyer: Yeah, thanks
for
having me. I'm excited to do this.
[00:01:25] Marco Ciappelli: Me too. I am very excited. I already talked very well about where you are. Um, the, the good thing about having a, the podcast on the same time zone, which is wonderful. And, uh, yeah. And the fact that I love, uh, Zurich.
So here you go. Uh, that's a good start, but, uh, we're not going to talk about that. This is not a travel, travel guide or, or that kind of show that we probably could. We're going to talk about your last book and a little bit about what is your passion and what you're researching. So let's start with, with that.
Let's start with you and who you are, what you do and why you are passionate about this kind of topics.
[00:02:06] Lennart Maschmeyer: Yeah, well, that's a big question and we don't have that much time. So I think I need to give you the very short version.
[00:02:12] Marco Ciappelli: Give me the truth.
[00:02:12] Lennart Maschmeyer: I really, I ended up in this position. I never expected that that's what I would be doing, but I love it now.
But I went here through a kind of windy road. I was a photographer for a while. Oh, okay. And then I, uh, I was going to be a surgeon first. Then I went into photography and, uh, finally ended up in political science, international relations. But also all through my studies, I was doing something completely different.
Just for my PhD, I decided I want to do something, uh, that's a bit more forward looking, not that much backward looking. So that's how I ended up studying cybersecurity and the internet as a revolutionary technology. That was my starting point. And when I started this now, it's, it's almost exactly 10 years ago.
I started my PhD and I started thinking about all this. And especially at that time, there was this, really kind of, I think, well established expectation that we have, you know, the information revolution has revolutionized society. And also that now with the possibility of cyber operations, basically just hacking into computers for political gain in, in, in the context of, of cyber conflicts.
So basically, you know, states using this as an instrument of power and that this revolutionary technology, information communications technology also revolutionizes conflict because. It's super fast, right? It's instantaneous communication. It reaches through the entire globe. And you don't need a lot of equipment to, you know, start hacking into systems and causing some damage.
There's this trope of just a guy in a basement, you know, with, with a laptop. I think Trump actually mentioned it in the 2016 election.
[00:03:54] Marco Ciappelli: Yeah. With a hoodie and his head. And yeah, I don't know if it's reality, but okay. That's, that's how people think about it though.
[00:04:02] Lennart Maschmeyer: Yeah. Especially, I think now it's changed a little bit, but at that time, that was really the prevailing kind of expectation.
That's also how I started. I wanted to write a thesis basically about how this technology has transformed security politics. And the traditional kind of way that, you know, states compete and they go to war or they threaten each other with material powers or just kind of military capabilities or what Russia is using against Ukraine right now.
And the idea is that you don't, you don't really need or was that you don't really need this stuff anymore. Right? Because why go through all that trouble if you can just disrupt a whole country with the cyber operation, the fear of, you know, knocking off a power grid, for example, it's still there. It's one of the main scenarios that always comes up in the cyber war discussions.
Used to be Russia, now it's kind of shifted towards China, especially in the U. S. Most of the forward looking scenarios are that. Yeah, so anyway, I wanted to study this, and I was looking into how to study this, right? What kind of conflict are we looking at? What is the best way to analyze this through a lens of, you know, political science, security studies?
And the more I looked into it, the more I realized that actually this kind of activity has very little to do with warfare. Because warfare is about Organized violence. That's the simplest, most simple way of putting it, right? It's about basically forcing your opponent or compelling your opponent to your will, to do what you want through force.
That's how Clausewitz, one of the, you know, classic writers on the topic has defined it. But hacking and cyber operations is exactly the opposite. There is no force involved. It's about Creatively, you know, finding flaws in systems, finding vulnerabilities, and then exploiting them to make systems do things they're not supposed to.
That's the essence of hacking, right? So that's what I started focusing on this mechanism. How does this mechanism compare? What are the analogies to this in international politics? Because the expectation has been, since this is very different also to the use of force, that this is entirely novel, right?
That we didn't have anything like this before. And that's also why we need completely new theories. to explain it. But as I was looking through, and as I said, I started with the warfare literature on that and the history of it. I, I, and I got nudged by one of my supervisors, John Lindsay, to, uh, look more into covert operations and intelligence operations.
So that's where I, as soon as I kind of started looking through that literature and, and, you know, basically stumbled upon this idea of subversion, even though it's very chaotic in most of these books. There's just, there's not really theory about it. It's mostly like spy fiction, not as much fiction as James Bond, but kind of going in that direction.
You know, there's this mysterious characters walking about doing all kinds of hidden things and kind of moving the world from the shadows. And, uh, on the one hand, there's the great hope of, you know, you can achieve all kinds of things similar to, and that's also what was striking to me, reading some of this literature from the Cold War mainly, this expectation that there is this fantastic tool that states have to just change the balance of power, maybe even win the Cold War without ever going to war.
And that's through, uh, the term used there also, subversion, which is not really very well explained. So basically Especially in the Cold War, it was just the idea of over kind of overthrowing a regime from within, secretly also, without making it really clear who's behind that. But that's, that's just one of the goals.
It doesn't have to be necessarily the goal of subversion. And really, if you look at it as an instrument, what is the defining feature of it? I realized it's the mechanism, how it works. And that's through finding some flaws in a system, exploiting it, and then manipulating that system. A bit more abstract way of saying that, you know, you just use spice to infiltrate a society, infiltrate an organization, establish some influence there, but undercover.
These spies, you know, they have fake identities. It's not clear that anyone is exerting power, exerting influence there. And they start manipulating from within by maybe getting, yeah.
[00:08:21] Marco Ciappelli: So subversion, by definition, doesn't involve the use of force. So it doesn't include a coup. It doesn't include a killing the president or killing a minister.
It's all done without re arriving to that action. Am I correct?
[00:08:43] Lennart Maschmeyer: Yeah, in the ideal world, yes. But in practice, sometimes these operations do involve force.
[00:08:51] Marco Ciappelli: But it's still under the subversion definition.
[00:08:54] Lennart Maschmeyer: So I mean, the way I define it in the book is that subversion is or are operations that primarily rely on this mechanism, right?
So you think about you have a spy in the Soviets. They did this very often. They had these well trained spies that will infiltrate societies and generally they would act peacefully. But sometimes they would, you know, use blackmail, for example, using or just threatening force to someone to get them to do what they want.
Got it. So they were still, they were in a position to do this because they had infiltrated that country and, you know, had this undercover identity, but then it doesn't mean that it's always just the clean kind of way of producing an outcome.
[00:09:37] Marco Ciappelli: So as your student does, Um, you realize that maybe it wasn't that revolutionary technique is just using a different tool as often happen, but we're still hacking people mind, and we're still using psychological technique, maybe to get to to that point.
And if I'm assuming correctly, again, you don't see this big advantage of the use of cybercrime versus the more traditional. Subversion technique. Am I correct?
[00:10:13] Lennart Maschmeyer: Yeah. I mean, that's one of the big things that also surprised me that come out of this, this book. So the point is, what I realized, what I was saying already is right that cyber operations are not by definition new.
The mechanism has been there. What is new is the technology that you can target now, right? So, I mean, the traditional stuff targets organizations, societies, people, and cyber operations, they target computer systems. Right. But they still produce an outcome by, you know, exploiting some vulnerability in the system, manipulating it.
But they can, because of that change, it's a different kind of system. So they can also, and they're more flexible in that way, cyber operations, you can go after users, right? And a lot of operations do that. They just, often the easiest way is a phishing email, just finding a gullible user, and you don't need to do any advanced 3D technical stuff.
But it's also possible to find vulnerabilities in, uh, hardware and software itself. And sometimes this can be, you know, really powerful if it's a pervasively used system that like this, uh, exit, uh, util, for example, vulnerability that was recently discovered, right. That could have been a vector into SSH, one of the main secure communications channels.
So there are definitely new opportunities that the technology opens up. And that's also what this book ultimately looks into. So the starting point is. This is not entirely new, right? We've just been, or at least a lot of the cyber war stuff is just looking in the wrong place by trying to establish some analogy to warfare and what kind of operations, cyber operations could be considered, you know, acts of war.
When in reality, most of the activity in cyber conflict just falls below that threshold. There isn't really. And there haven't been any kind of equivalence to armed attacks where people die or also there's significant destruction. But still, there is a lot going on, right? And cyber operations are very disruptive.
They can cause a lot of damage without necessarily causing this kind of physical destruction. So they are clearly politically relevant. States are using them. And they can also give states some advantage. So the, the, the, yeah, I'm treading the line between saying it's not a revolution, but it doesn't mean that it doesn't matter.
Right. And I think that's one of the problems with the debate around Ukraine. That's one of my case studies where some people saying, well, this is a cyber war now, you know, this, uh, changes everything. And then other saying, no, look at the cyber operations. They don't matter at all in this conflict that the cyber war didn't happen.
So it's more in the middle. And then the question becomes, So this instrument is not new. The technology is new. And then what does it change about subversion, about the nature of subversion as an instrument of power? And that's what I'm examining. And so one of the things we discussed already, there are different types of vulnerabilities you can exploit, but there are also different kinds of subversive strategies you can implement.
You also mentioned it already, right? One of them is a cool overthrowing a government. You can't really do that with a cyber operation alone for the simple fact that, uh, Governments are still run by people and I hopefully, I hope it's going to be like that for a little while to come. We don't know. Should
[00:13:22] Marco Ciappelli: we talk about generative AI now?
[00:13:25] Lennart Maschmeyer: Yes, like overlord. Of course, that might change the scenario. Then you can probably overthrow a government with a cyber operation, but right now you can't really do that. And the same thing that Subversion is very good at, the traditional stuff, is manipulating governments from, from the inside. So one of the famous cases is, um, uh, Günther Guillaume is his name, who was an East German spy, who was undercover, deployed in West Germany, and managed to become one of the closest advisors of the German Chancellor at the time, Willy Brandt.
And for three years, as Willy Brandt was a Chancellor, this Günther Guillaume basically had the Chancellor's ear. So he not only had highest level intelligence, he could bring back to the East German intelligence service, but could also directly influence German policy through this, right? Until he was uncovered as a spy.
This is also not something you can implement with cyber operations alone. They can definitely help, especially the indirect route of manipulating policy through disinformation campaigns. And, you know, also just manipulating information, hack and leak operations. Those kinds of things. But the only thing that cyber operations can do independently, that's the third kind of subversive strategy, is just eroding a state from within over the long term without any specific goal.
It's not about changing some specific policy, but it's just about this kind of diffuse long term erosion of cohesion in a society, sabotaging infrastructure. Sabotaging institutions, just, you know, basically introducing friction and making things not work as well as they're supposed to. And with that, cyber operations on the one hand, they can do this independently.
And I think they probably also have some advantages because it is possible to do things at much larger scale. And we have some examples. So one example I have in the book, what I'm comparing is the Soviet campaign against the Prague Spring in Czechoslovakia in the 60s and early 70s. where basically what happened was there was a liberalizing government that made the Soviet Union fear they're basically going to lose Czechoslovakia from their sphere of influence and then deployed their subversive agents to try to stop this, infiltrate the government, infiltrate civil society.
And Ukraine since 2014, which is a very similar scenario because Ukraine started this pro western foreign policy in 2013. And for Russia, this has been perceived from Moscow, as now it also has become very clear, as the same kind of threat of losing Ukraine from its sphere of influence. And before this horrible invasion that started two years ago, Russia had for eight, nine years pursued this intense strategy of subversion, of trying to get Ukraine to change course.
So, strategically, it's a very similar case. It's what's different. What's different is obviously the technology in Czechoslovakia. You just have traditional operations, basically illegal undercover spies. That's how they were called. These deep cover, the elite spies of the KGB. And in Ukraine you have everything together though.
You have those kinds of spies too. Then you have covert warfare in Eastern Ukraine and the takeover of Crimea, which was really a significant subversive success, but also a lot of cyber operations. And that in the end makes Ukraine an interesting and important case because It has been this paradigmatic case, really, of cyber conflict and conflict short of war.
And most recently, with this U. S. strategy that has shifted from deterrence, which is about warfare and stopping attacks, making your opponents fear your retaliation so much that they don't attack you, to what's now called persistent engagement. which is about just engaging your adversary constantly below this threshold of warfare, because the expectation is that's where cyber operations are most effective.
And not only that, the theory that underlies it, that's written by Richard Harknett, Michael Fisher Keller, Emily Goldman, they published a book on this two years ago, the expectation there is very clearly that cyber operations make it possible for states to achieve things, strategic outcomes without going to war that they could not previously achieve without going to war.
So again, this expectation of revolutionary change and Ukraine is a significant case here because Russia is one of the most powerful actors in that space. And it has intensely, you know, it has tried really everything to get Ukraine to change course with everything it had in its power under this threshold of going to war.
So that means if anywhere in the world, we would expect to see this effectiveness of cyber operations as a new instrument of power in action. That's it. And I mean, to put the conclusion first, we know it now. It obviously didn't work. That's why Russia had to invade. There was a choice of either basically losing or escalating and then using force because the alternative had fallen short.
So in that way, it's a very significant development. And also challenged to that expectation that we have this. Revolutionary change. Yeah,
[00:18:38] Marco Ciappelli: let me ask you one thing, because I'm thinking you're comparing one situation, the Prague, the spring of Prague, where clearly we had no internet. I wasn't even born, almost, but I wasn't born.
Um, so it's more of this scenario that you describe where sounds very Machiavellian or Shakespearean to me, where you have the presence of someone close to the power manipulates and it's very theatrical and probably very, very effective. While the other one you're mentioning, uh, with the, with the cyber warfare is a manipulation that is more than on the individual or the power, more of changing the mass, right?
So alterating, maybe voting on one side or the other, creating a scandalous situation, creating Fake news and all of that. But despite these, your conclusion is that really cyber war is not, it's not stronger, it's not a better instrument for, for this than the traditional. Am I getting this right?
[00:19:48] Lennart Maschmeyer: Yeah.
[00:19:49] Marco Ciappelli: Yeah.
I mean, the reason
[00:19:50] Lennart Maschmeyer: is, and that's another big parallel between the historical literature that I was going through from the Cold War and subversion. And now a lot of what it's written on, on cyber warfare, cyber operations. that most of what is written, most of these assessments and predictions, they're based on what's possible in theory.
So I already mentioned the infrastructure scenarios or also large scale election interference. I mean, anything you can, can imagine where technology, you know, is involved and might change an outcome, might manipulate people. There's a lot of things you can imagine. A lot of us are plausible scenarios, but the problem is, and that's really the crux of the situation, that not everything that's possible in theory.
Is also doable, feasible in practice. And
[00:20:34] Marco Ciappelli: factors, right?
[00:20:35] Lennart Maschmeyer: Yeah. And so what I'm showing in this book is that there is this really underappreciated, there are these underappreciated challenges and subversive operations that really limit effectiveness in most cases. And that's missing from a lot of the theorizing.
And the same is the case for cyber operations, because these challenges, they're really inherent to this mechanism of, you know, finding vulnerabilities, exploiting them, manipulating a system, and depending on. staying hidden, hiding this manipulation from the victim's perspective, at least until you produce whatever effect you want to produce.
Because otherwise, you know, once a victim finds out that there's someone in the systems they can, or that they have a spy, you know, uncover a spy, as the example in Germany, it's very easy to neutralize that operation. You just arrest the spy. Cyber operations, not always that easy, but at least if you find malware on a system, for example, you can delete it.
[00:21:26] Marco Ciappelli: Right. Yeah. And
[00:21:27] Lennart Maschmeyer: those challenges mean that I mean, the, the theory in, in, in the book also goes obviously in much more detail, but to put it really short, you have challenges in the intensity of effects you can achieve because you have to be careful what you do, your speed is limited because you depend on finding vulnerabilities, manipulating them.
You have to learn how a system works and that takes time and that's, that doesn't change. It actually, cyber operations might take even longer because computer systems tend to be more, more and more complex. And then it always depends whatever effect you want to produce depends on making a system that someone else designed and operates, do things that those designers and operators didn't foresee, didn't expect, and still ensure that, you know, this kind of unexpected behavior is exactly in line with your own expectations.
And that means your, your control over the system is first, it's limited because it's temporary. Your, your victim can kick you out whenever they see you, but also whatever manipulation you do. There's always a risk that the system behaves unexpectedly, that it fails, you fail to produce the outcome, your hack might not work, or the spy, you know, sabotages the wrong thing, or just doesn't, isn't able to influence someone they want to influence.
Or there's even some unintended consequences, some collateral damage. So all of that means that, you know, in theory, subversion is this really kind of cheap and easy and low risk and effective means of power that can, in the, in the greatest, you know, case can really overthrow a government, put, install a government that is completely aligned with your own interests.
But in practice, in most cases, these subversive operations and campaigns, they tend to be either too slow or too weak or too volatile, too unpredictable to produce strategic value, which just means, you know, that they. allow states to achieve their political goals. And that doesn't change with the new technology.
That's, that's the core of the argument. And that's what I'm showing in these case comparisons too. So in Czechoslovakia, right, the, the Russians, the Soviets in a way, they also tried what was a new technology at the time, which were these illegal spies that were trained to be deployed in the West in that, uh, by the KGB, which had taken years to train them.
But then decided to take these spies, take them out of their sometimes target countries in the West and deploy them in Czechoslovakia because they were their most elite agents. So they assume that they're also going to be the most effective way of manipulating Czechoslovakia. And in Ukraine, right, there's this experimentation with cyber operations as a new subversive tool.
That some people have actually called this conflict in Ukraine, Russia's test lab for cyber warfare. Yeah. And throughout, and I have two cases there, but there is a lot of different operations I, I can look at in each case, which also means you can, and I can compare them against each other. And also how over the years in each case, these intelligence agencies behind they, they try to improve on their methods, you know, try to alleviate some of these constraints and challenges and learn and how to get better.
And despite that, These fundamental constraints, they're really clearly visible throughout, and they have limit, in most cases, the impact of these subversive operations, which mean there are some operations that succeed, but they still fall short of, you know, kind of rising above that threshold of making a difference at a national level where, you know, it would change decisively, or maybe even significantly, or in most cases, measurably.
Change any political outcome in Czechoslovakia or in Ukraine.
[00:25:08] Marco Ciappelli: Do you have some cases, maybe not as, um, in your face or large scale that maybe did succeed in more focused tunnel vision mission that you've said? Yeah, well, maybe if we keep it constrained, it could be effective. But the moment you blow it up, There's a lot of crumbles that technology can see.
And I'm sure my friend cyber secure right now, they're like, yeah, we're doing our job very well. We can find everything. So any, any example that maybe it's a scale problem?
[00:25:49] Lennart Maschmeyer: Yeah. I mean, so basically in Czechoslovakia, it starts with a bunch of experimentation, really daring stuff. They tried to kidnap some people that even tried to assassinate.
They had some kind of crazy assassination scheme. And they also created this fake evidence of a counter revolution where they planted, they tried to create these weapons caches that they were then uncovered by some journalists, but they did this all so badly that it was all discovered and no one really believed in it.
The aim was to discredit the movement, right? And at the same time, infiltrating the government from within, trying to create a coup, which failed in the most basic and really stupid way because they missed the timing. So there were these. Agents within Czechoslovakian government that were supposed to start a no confidence vote against the liberal leader of Czechoslovakia at the time, the very moment the invasion started.
But they missed the time because they had mixed up the time zones between Moscow and Prague. So they were too late and the whole thing collapsed.
[00:26:46] Marco Ciappelli: A computer would have helped there. Huh? A computer would have helped, maybe.
[00:26:51] Lennart Maschmeyer: Yeah, or just a cell phone, right? Yeah. So all this kind of daring and big stuff didn't really work, but then there was another, and this is not a confirmed operation, but very likely it was an intelligence operation, which was really curious thing where after the ice hockey finals, world championships in ice hockey in 1969, the Czechoslovakian team had beaten the Soviets and there were these huge celebrations in Prague, hundreds of thousands of people on the street.
But some of them started rioting and then one of the targets of the rioters was the office of Eroflot, the Soviet airline in centhe former leader of Czechoslovakia, in his memoirs, who wrote that there were Soviet agents among the crowd and there were also basically stones.
Some piles of stones had been placed very conveniently near this office and those agents started throwing the stones. You know, other people joined in. So in that way, instigated the violence and right after followed a crackdown by Soviet security against
So this was a trigger that led him to finally resign, which had been the main aim of the Soviets. So it's not that the subversive operation here, it's supposed at least operation caused it, but triggered at least the moment, you know, and influenced his decision making. So in that way, it is clearly a consequential thing.
It's just far less dramatic than a lot of the other stuff they tried. And in, uh, Ukraine, similarly, especially in the beginning, right? When, when Russia started its subversive operations, they also did a lot of really daring stuff with cyber operations. There were these two attempts to take out down the power grid.
Which, which both succeeded technically. So they did manage to cut the power. There was also a lot of reporting, some really dramatic reporting too, sensationalist headlines about, you know, on some articles arguing that, okay, now they managed to shut down the power there. This is the next chapter in cyber war, and they could easily shut down the power in Washington DC for two weeks.
For example, that was one of the conclusions drawn, but if you look at the operations a bit more closely. It shows on the one hand that it was still, they made a lot of mistakes and they succeeded despite kind of screwing up a bunch of things, partially because of carelessness by the victims. But even ignoring all that, the outages that these, both of these operations caused were so short and still relatively small in scale that they didn't really have measurable economic impacts, also psychological ones, because power outages have been quite a common thing in Ukraine.
So most people didn't even notice that this was something extraordinary and definitely not strategic. There was no, you know, impact on Ukraine's ability to resist Russia's aggression. Then you had NotPetya, the large scale, uh, uh, basically economic warfare operation that just disrupted most of Ukraine's private sector with the self spreading virus, a worm called NotPetya.
Which just encrypted data, rendered it unusable. There was no way to decrypt it. But, and that on the one hand, it was very successful because it's spread, uh, uncontrollably, but that again, and on the flip side turned out to be the greatest downside of that operation because it also affected Russia and it's spread, you know, far beyond Ukraine.
They, they maximize the scale here. One of the advantages of cyber operations. But in the very kind of the characteristics that made it possible to maximize scale also made it uncontrollable in a way that ultimately I would argue backfired and probably didn't, wasn't a net benefit for Russia. And one really important thing to consider there, why that conclusion is probably what happened is that Russia has deployed 20, uh, wipers against Ukraine that function very similarly to North Korea since the outbreak of the war.
Now, And none of them have spread in the same uncontrollable way. So even in this war scenario, right, where you would expect that all kind of restraint is gone, it's just about causing maximum damage. Even there, they've been very careful in controlling the spread of these wipers, which, you know, is very much in line with the conclusion that they want to, wanted to avoid another NERDpatia because this ultimately didn't benefit them.
So all of this kind of big flashy stuff, probably was not very useful strategically apart from, you know, feeding into this narrative of Russia as this leading cyber power and threat. But one operation that hasn't been, uh, reported on very much was very, that was very simple, but very effective was, uh, and again, it's kind of a classic thing.
It started with some phishing emails. Someone clicked on it in the ministry of finance in Ukraine, which happened to have very bad it security, which made it much easier to just infect computers there because. Most of them were so outdated, they didn't have any patches, you know, really unpatched software, old, sometimes old Windows versions.
So it was a really vulnerable organization that was still economically very important, obviously, Ministry of Finance. And so the Sandworm, the hacking group that's also been behind most of the other operations against Ukraine, they managed to infect the systems of this Ministry of Finance, including it's, uh, those systems that control the processing of all kinds of financial transactions, BIT techs.
General kind of business tax system and also social security payments. And did this right at the time at the beginning of the month in December 2016 when those payments were supposed to go through. And they disrupted those systems through very simple means but caused huge economic damage. Probably around 60 million dollars was one estimate which might not sound as much in the US context but in Ukraine where salaries are much, much lower.
This was really a huge blow for businesses and people affected who, you know, were depending on those payments, especially the social security pay. And this took very little time to prepare from, I don't remember the exact numbers now, but it was, it was a fraction of the time that was required for the power grid intrusion.
For example, that took 19 months for the first one in 2015, the second. Margaret Sabotage took 31 months to prepare, and this Ministry of Finance, I think, took something around three months or so of preparation altogether. And very little development of, you know, new techniques. And then still had, from all these cyber operations in that period, had by far the biggest impact, economically and also psychologically, for people, as I said, right, who didn't receive their payments.
So that's on the cyber side. On the traditional side in Ukraine, I think I already mentioned the takeover of Crimea was a huge success and that was entirely done though through traditional subversive means. So that's another kind of big piece of evidence that underlines how these traditional means, traditional subversion, which in that case was about mobilizing a group of proxy actors that Russia had carefully kind of cultivated over years before on the fringes of society there, To then help instigate protests against the government in local government in Crimea and under the mantle of those protests, then so protected by special forces, occupy and take over government buildings and then, you know, install a pro Russian, uh, kind of puppet government and run these referenda and also surround military posts so quickly that Ukraine's army was not able to really mount any resistance.
And run some, uh, I think disinformation campaigns through, uh, yeah, through local media. That's what Russia has been doing there for a long time, but really remarkable, right? Because that actually, that takeover of Crimea, that was the, for many people in the West, that was really a turning point in a revolution and warfare where Russia had a, was able to take over territory without kind of ever firing a single shot.
And many then started, you know, referring to this as a new type of warfare, hybrid warfare, which is empowered by new technologies. But if you look at that actual campaign, it was all really traditional stuff. You could have done the same in the Cold War with the same means. And compared to anything else that Russia has achieved there, it's by far the biggest success, right?
Taking, taking over an entire territory. There are a few other examples, sabotage against the arms depot, destroying huge amounts of artillery shells. Also completely dwarfed anything that cyber operations have achieved.
[00:35:36] Marco Ciappelli: So, Lennart, uh, what's, what's the lesson here as we wrap these and invite people to, to read the book?
I mean, what, what is the, on your opinion, the lesson into looking into the future? I mean, are we, are we kind of distracted by this potential theoretical force of, Cyber warfare, when in reality we need to be still concerned about physical, kinetic, or, or social, psychological manipulation, uh, old school, like media, um, what, what's, uh, what's that voice here moving forward then?
[00:36:16] Lennart Maschmeyer: I think, I mean, one of the basic, maybe more philosophical points is that, you know, technology itself doesn't change things in the world. It's about how people use it. And people, we, we haven't really changed, right? The, the way we operate, what drives us, it's the same. So that's why it's useful and important.
I think not to be too distracted by just the technology and then thinking about the technology can do X. So it's going to have, you know, this outcome on society, but more looking at what kinds of interactions in society are going to be affected, what kinds of processes are going to be changed? How is people use the technology?
And in that. Subversion is one example of that. And as part of that, seeing cyber operations, not as something unique and new, and that's, you know, in a different category of its own because of the technology, but more that, okay, this is part of subversive campaigns and cyber operations are one part of it.
That's very clear. Also in Ukraine. Russia used all kinds of different instruments and integrated cyber operations with them. And this current focus on cyber threats, right, as a unique thing and building up cyber commands and, you know, shields up against cyber threats. I think the risk is really distracting from those integrated campaigns, which can be really effective and looking not only at the cyber threats, but also the really traditional stuff.
And in Europe now, right, there's more and more evidence of. Russian spies being in Germany, for example, where I'm from more and more cases coming up of just infiltration with Russian spies, sabotage attempts. There's this arms ammunition factory in Berlin went up in flames two weeks ago. It's unclear what happened.
And a few weeks before Russian collaborators or Russian agents were caught who were plotting, you know, sabotage acts against infrastructure and industry there. And say, also supporting a bunch of far right and I think also far left parties in Europe. I mean, Russia is supporting them, right? And directly kind of manipulating politicians who are in line with this interest or maybe just kind of agents of chaos.
Those are all real and significant threats that might also be more immediately threatening than the more remote scenarios of cyber attacks. It's not impossible that cyber attacks can cause real damage, right? That's the important lesson really that comes from it. It's just that under most circumstances, they're not going to be very effective ways of doing this.
So if a state wants to cause real damage, there are usually other means to do this more effectively and efficiently, such as simple sabotage or in a war setting, right, shooting a missile.
[00:38:56] Marco Ciappelli: Or maybe it's an orchestration of all the above and Yeah, one is even the distracting factor versus where things are really happening.
Um, so who, who is this book for? Um, I know it just got published. I know it had a little bit of delay. We were supposed to have this conversation a while back, but I know it's available now under the Oxford University Press. And, uh, and I'm going to put in the notes. Um, how to get in touch with you, your website and of course the link to the book.
But, you know, the last minute I would like for you to tell us, is this an academic book? Is it for anybody interested in trying to understand what's going on in the world nowadays and how technology is influencing these things? Or Can anybody just pick it up and understand it? Or do they need to be a geek like we are?
[00:39:52] Lennart Maschmeyer: Yeah. I mean, it's an academic book, but I've, I've tried my best to make it, write it in a way that, you know, is straightforward. So, I mean, it does develop a theory, test the theory against evidence. So it's very much, you know, academic method. But I'm also kind of zooming out at the bigger picture as we did in the discussion today.
[00:40:13] Marco Ciappelli: Yeah. So it's
[00:40:13] Lennart Maschmeyer: aimed on the one hand on academics, but also at people who work in cybersecurity and, you know, who deal with these kinds of operations all the time. Also, maybe people who work in governments, although there are not that many of it, but I hope at least some of it read it. Yeah. But otherwise the, you know, informed public, people who are interested in any of the things we discussed, cyber operations, subversion, spying.
Uh, conflict short of war, hybrid war for all of them. There should be something interesting in there. And also the larger question of how does technology change world politics? That's especially what the final chapter looks into.
[00:40:52] Marco Ciappelli: Sounds interesting to me. I'm sure it's interesting to a lot of people listening to redefining society because it's all about technology and society and how the line in between the The cyber and the real world, and I'm doing air quotes here.
It's, uh, I don't know. I don't think it's there anymore. Whatever we do online, it's, it's life. And so even, even when it comes to, unfortunately, war and political operations, subversion, and manipulation of election and so on, which we're gonna hear a lot in the next few months, I'm sure people will be Should at least educate themselves, uh, if they are interested.
So, Lennart, thank you so much for stopping by. Uh, we went a little longer because I'm, you know, I'm very fascinated by this kind of topics. A big thank you to Miriam, Don, Cavalti for referring, um, each other so we could have this conversation. And, uh, that's it. I'm going to say goodbye to the audience. Stay tuned and subscribe for more conversations like this.
And definitely get in touch with Lennart and if you're interested. Thank you again.
[00:42:01] Lennart Maschmeyer: Thanks for having me. That was great. Thanks.
[00:42:03] Marco Ciappelli: I enjoyed it.